a50d917d570a3a80477468ae7bfcdffa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a50d917d570a3a80477468ae7bfcdffa_JaffaCakes118
Size

496KB
MD5

a50d917d570a3a80477468ae7bfcdffa
SHA1

a59b38611928985cb4847a411c6ff89821fe3bd0
SHA256

cb0a7dbdf51c5b2952d26424e426f377b39ae9bce603fc00e6feedbf124c4753
SHA512

10af9598df6c0cd99f456703bbb62956d7a3adb7873e64e5c8351c0a2bbdcaa3c63d1d21a79934dec4875aac3a262c62e56b89f0099d6b9c8ed8fb581122b680
SSDEEP

3072:JpGkemSBzGNN4dDGTTwCmdHXb24jGxR+E4GTHteVFFXd7dfa3Wm:TmfDr2OGxRT4kHteV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a50d917d570a3a80477468ae7bfcdffa_JaffaCakes118

Files

a50d917d570a3a80477468ae7bfcdffa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25f95461e0ea0d6b8bfadb5422b13e41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

comdlg32

ChooseFontA
ChooseColorA

olepro32

OleTranslateColor

winmm

mciSendStringA

gdiplus

GdipCreatePen1
GdipDeleteGraphics
GdipCreatePath
GdipSetSmoothingMode
GdipSetStringFormatAlign
GdipDeletePath
GdipCreateSolidFill
GdipDeleteFontFamily
GdipDrawPath
GdipCreateStringFormat
GdipSetPenLineJoin
GdiplusShutdown
GdiplusStartup
GdipCreateFont
GdipDeleteFont
GdipAddPathString
GdipDeleteStringFormat
GdipCreateFontFamilyFromName
GdipDeletePen
GdipCreateFromHDC
GdipDeleteBrush
GdipFillPath

gdi32

CloseFigure
SelectObject
GetDeviceCaps
PlayMetaFile
Polyline
CreateBitmap
CreatePen
MoveToEx
DeleteDC
CreateHatchBrush
PlayEnhMetaFile
Chord
SetArcDirection
CreateRoundRectRgn
EndPath
GetPolyFillMode
CreateSolidBrush
CreateCompatibleDC
CreateDIBSection
Ellipse
Polygon
GetPixel
LineTo
PolyBezier
RealizePalette
GetROP2
StretchBlt
SetROP2
BeginPath
GetTextColor
CloseEnhMetaFile
SetTextColor
Rectangle
PolyPolygon
GetArcDirection
CreateRectRgn
GetBkMode
Pie
GetBkColor
GetTextExtentPointA
TextOutA
SetPolyFillMode
SelectClipPath
Arc
RoundRect
DeleteObject
CreateCompatibleBitmap
CreateFontA
BitBlt
SetBkColor
SetBkMode
SetDIBColorTable
DeleteEnhMetaFile

kernel32

RtlMoveMemory
LoadLibraryA
FreeLibrary
Sleep
GetTickCount
GetShortPathNameA

user32

DrawFrameControl
SetWindowPos
DrawIconEx
IsWindow
GetWindowRect
GetDesktopWindow
GetWindowTextA
ReleaseCapture
FindWindowA
FillRect
GetWindowLongA
LockWindowUpdate
GetMenuItemID
SetWindowTextA
FindWindowExA
OffsetRect
GetClassNameA
SetWindowLongA
GetMenu
GetMenuStringA
GetSubMenu
ReleaseDC
WindowFromPoint
PostMessageA
GetMenuState
DrawFocusRect
GetDC
TrackPopupMenu
GetAsyncKeyState
SetPropA
DrawEdge
SetRect
GetWindow
GetClientRect
GetPropA
GetCursorPos
GetParent

msvbvm60

EVENT_SINK_GetIDsOfNames
ord582
ord583
ord690
ord588
MethCallEngine
EVENT_SINK_Invoke
ord518
Zombie_GetTypeInfo
ord591
EVENT_SINK2_Release
ord595
ord303
ord598
ord520
ord705
ord309
ord631
ord709
ord525
ord632
ord526
ord633
EVENT_SINK_AddRef
ord561
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord607
ord608
ord717
ord319
ProcCallEngine
ord535
ord644
ord570
ord648
ord571
ord572
EVENT_SINK2_AddRef
ord681
ord578
ord685
ord100
ord689
ord320
ord321
ord616
ord617
ord619
ord541
ord581

Sections

.text
Size: 484KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

25f95461e0ea0d6b8bfadb5422b13e41

Headers

File Characteristics

Imports

shell32

comdlg32

olepro32

winmm

gdiplus

gdi32

kernel32

user32

msvbvm60

Sections

.text Size: 484KB - Virtual size: 482KB

.data Size: - Virtual size: 16KB

.rsrc Size: 8KB - Virtual size: 84KB

.text
Size: 484KB - Virtual size: 482KB

.data
Size: - Virtual size: 16KB

.rsrc
Size: 8KB - Virtual size: 84KB